Windows 10 Registry

The Windows 10 Registry is not in actuality a central hierarchical database or one large fi le, but rather a set of files referred to as ‘Hives.’ These files, located in the “C:\Windows\System32\config” and “C:\Users\[Username]\” directories,

  • C:\Windows\System32\config\DEFAULT: contains the default system information which is stored in the “HKEY_USERS\.DEFAULT” Key.
  • C:\Windows\System32\config\SAM: contains information about the Security Accounts Manager (SAM) service which is stored in the “HKLM\SAM” Key.
  • C:\Windows\System32\config\SECURITY: contains the security information which is stored in the “HKLM\SECURITY” Key.
  • C:\Windows\System32\config\SOFTWARE: contains information about the computer’s software configuration which is stored in the “HKLM\SOFTWARE” Key.
  • C:\Windows\System32\config\SYSTEM: contains information about the computer’s system configuration which is stored in the “HKLM\SYSTEM” Key.
  • C:\Users\[Username]\NTUSER.DAT: contains the Registry settings for an individual User account

Read :